Preventing passwords from displaying in clear text in the console output and log files
It is a good practice to obfuscate or hide passwords from console output and log files. Internal policies or industry regulations may dictate that passwords must not be visible in clear text form within log files. Certain policies allow the encrypted hash value to be displayed for the purpose of debugging, while others dictate that passwords must not appear at all.
Talend can obfuscate or exclude passwords from within Talend Studio and the log files.
Hiding passwords in the console output and log files
Navigate to Project Settings and clear the Print Operations check box.
To be safe, it is also recommended to select Disable errors, Disable warnings and Disable info to prevent any context-related information from being printed to the console output or log file. This is to avoid context variable values from being printed to the console output or log file if the context variable is not used in the job to trigger a warning, or if the value is printed just for information.
If you use the tContextLoad component, set the same options as in the previous step.
If you use tContextDump, select the Hide
Password check box.
If this check box is not available in your version of Talend, it is recommended to upgrade it.
The value of the password will be hidden and asterisks will be displayed instead.
Use a context variable.
The context variable value of the Password type is encoded so that it is not in clear text. It is an obfuscation algorithm, not a one-way encryption. The password is decoded at run time before connecting to the source or target system. The password is displayed in asterisks in Talend Studio, in the console and in the log file.
Click the Code tab on a Job and check if
System.out.println()was hand-coded to write the value of the password to the console output and log files.
Check the user-defined code routines for a hard-coded password or
System.out.println()trying to write the value of the password to the console output and log files.